Managing Sub-Servicing Partnerships 2
Managing Sub-Servicing Partnerships WHY IT IS IMPORTANT TO GINNIE MAE: Ginnie Mae recognizes that there are entities that specialize in the servicing and are better equipped to manage the operational demands more effectively that entities whose primary focus is originations. Ineffective borrower default situations can impact the liquidity of an Issuer which in turn impacts their successful participation in the Ginnie Mae MBS program. 3
Managing Sub-Servicing Partnerships WHAT IT S NOT: REACTIVE WEEKLY OR MONTHLY CALLS TWO PAGE OUTLINE OR GUIDE PART-TIME FUNCTION IT S MY SUB-SERVICER S RESPONSIBILITY 4
Managing Sub-Servicing Partnerships WHAT IT SHOULD BE: PRO-ACTIVE ON-GOING CUSTOMIZED TO YOUR ORGANIZATION S NEEDS DEDICATED FULL-TIME ROLE AS A GINNIE MAE ISSUER, I AM ACCOUNTABLE FOR THEIR ACTIONS 5
Managing Sub-Servicing Partnerships HOW ONE GINNIE MAE ISSUER MONITORS THEIR SUB-SERVICER: EVERBANK Michael Webb 6
Vendor Management: Sub-Servicing Oversight Michael Webb Director, Enterprise Vendor Management & Procurement Services EverBank Jacksonville, FL 7
Agenda Who is EverBank? What is a Vendor? Regulatory Expectations and Guidance Risks Governance Structure Program Overview Components of a Good Monitoring Plan Sub-Servicing Monitoring and Oversight Closing Thoughts / Key Success Factors Q&A 8
Who is EverBank? Diversified financial services company headquartered in Jacksonville, FL $19.8bn in Assets as of 2Q 2014 Financial Data Nationwide deposit and lending businesses Experienced management team 20 consecutive years of profitability 9
What is a Vendor? A vendor is any individual or business that provides products or services to another individual or business. Examples include: Loan Servicers Value-Added Resellers Landscaping Companies Security Operations Consultants Staffing Firms Software Providers Etc. Using vendors can offer many benefits including: Operational efficiencies Cost savings Speed to market Providing expertise that is not otherwise available internally 10
Regulatory Expectations Regulatory agencies expect vendor arrangements to be managed in a safe and sound manner and be in compliance with laws and regulations Vendor arrangements do not wash management s hands of the responsibility of managing the risks. Underlying controls should be the same as if the activity were being conducted directly. Each organization s risk profile is unique and requires a tailored risk-management approach A risk-management process should be adopted to identify, monitor, manage, and control the risks posed by the activity 11
Regulatory Guidance: Compliance, Enforcement, Change Board of Governors of the Federal Reserve System (FRB) Office of the Comptroller of the Currency (OCC) Consumer Financial Protection Bureau (CFPB) Federal Deposit Insurance Corporation (FDIC) 12
Risks The Issuer / Primary Servicer is held accountable for: Reputational Risk Strategic Risk Compliance Risk Transactional Risk Credit Risk Ineffective risk management can impact an issuer s liquidity, which in turn could jeopardize their eligibility to participate in Ginnie Mae s MBS program. 13
Governance Structure: Three Lines of Defense First Line of Defense The business unit plays a key role in the first line of defense for the organization as it relates to vendor risk and is involved in each phase of the vendor lifecycle, including the day-to-day interaction with the vendor. Second Line of Defense The second line of defense consists of vendor governance and oversight entities that work together to effectively identify, measure, monitor, and control the vendor risks. Third Line of Defense Internal audit is the third line of defense. They are charged with providing test methodologies that provide validation of vendor risks, both on an individual basis as well as an enterprise level. 14
Program Overview: Sub-Servicer Lifecycle Management Planning Upfront Risk Assessment Cost Analysis Contingency Plan Customer Expectations Regulatory Implications Governance and Accountability Board Oversight Roles & Responsibilities Policies & Procedures Culture Tone at the Top Talent Management Incentives Risk Management Process / Lifecycle Stages Due Diligence Financials Qualifications Experience Reputation Fee Structure Risk Management Information Security Business Continuity Contracting Nature and Scope of Arrangement Service Level Agreements Audit Rights Confidentiality Insurance Indemnification Program Infrastructure and Reporting Ongoing Monitoring Due Diligence Reviews Independent Testing Audits Performance Reporting Issues Management Termination Transition Plan Criteria for Migration Migration Risks Termination Rights and Obligations Risk Appetite Resources (Skills & Training) Technology & Data Continuous Improvement 15
Components of a Good Monitoring Plan Oversight Experienced Servicing Personnel with a Broad Understanding of Servicing Requirements Reporting & Monitoring Performance Metrics Exception Reporting Complaints Tracking Service Level Agreements (SLAs) Scorecards & Meeting Minutes Contingency Planning Testing Onsite Reviews Key Controls Validation Regularly Scheduled Audits 16
Post Transfer Oversight: Daily Communication and collaboration with sub-servicer Active cash management oversight Monitor transactions such as funding of cash shortages, loan sale & draft differences, and buyouts Review daily reports / exceptions Foreclosure Timeline Management Conveyances Reporting and Feedback System (RFS) GinnieNet Monitor Management Action Plans Remediation Activity Ensure compliance Service Level Agreement(s), Contract Terms, Regulatory Requirements, Policies 17
Post Transfer Oversight: Monthly Scorecards & meeting minutes Review of monthly reports Monthly pool to security Escrow administration First Legal Action Date (FLAD) Loan data Actual vs expected portfolio performance Early and late roll rates DQ2+, DQ3+, and DQP Ratios VA Valeri reports Holdback reports Testing of expected principal & interest exceptions Review Neighborhood Watch Initiate early buyouts 18
Post Transfer Oversight: Quarterly Call center monitoring Transactional level testing Operational controls and procedures validation Compliance reviews Quality Control audits 19
Post Transfer Oversight: Annually Onsite Reviews Business Strategy Performance / Service Delivery Regulatory Compliance Human Resources Employee Training Vendor Management Consumer Complaint Management Business Continuity / Disaster Recovery Physical Security Information Security Information Technology 20
Closing Thoughts / Key Success Factors Strong Program Framework Tailored Risk-Management Approach Proactive Partnering and Resource Sharing Active Oversight Good Communication Performance Management and Ongoing Monitoring Effective Reporting Document Management Tone from the Top Consistent Execution and Evidence Leverage your Ginnie Mae Team 21
Any questions? 22